👉 Try the demo: https://github.com/LM-Kit/lm-kit-net-samples/tree/main/console_net/ai-agents/permissions/agent_permissions

Agent Tool Permissions Lab for C# .NET Applications

🎯 Purpose of the Demo

An interactive console app that demonstrates three ToolPermissionPolicy profiles applied to the same agent: a locked-down safeChat, a devAssistant with limited filesystem and read-only HTTP, and a strictly readOnlyOps profile. Compare policies side-by-side or chat under any single profile.

All inference runs on-device.

👥 Industry Target Audience

• Enterprise / security engineering: ship agents with auditable allow/deny lists.
• DevOps: contain what an agent can do on a build server or developer workstation.
• Compliance: prove an agent cannot reach forbidden tools at runtime.
• App developers: pick the right starting profile for a new feature.

🚀 Problem Solved

A production agent must not see "you have shell exec, do whatever" as the default. Permission policies are how an agent ships to enterprises that need audit trails, deny lists, and approval gates. The demo shows how the same prompt behaves under different policies; the contrast makes the policy effects obvious.

💻 Application Overview

Interactive menu (no command-line arguments) with three modes:

Mode	What it does
Describe	Print every policy: default action and max risk level.
Compare	Run probes (built-in default or custom) across all three policies side-by-side.
Chat	Pick one policy and chat interactively under that profile.
Quit	Exit.

Every built-in tool is registered. The policy alone decides what the agent can actually call.

✨ Key Features

• ToolPermissionPolicy fluent builder: Allow, Deny, AllowCategory, DenyCategory, RequireApproval.
• Wildcards: filesystem_*, http_*, *write*, *delete*, process_*.
• SetMaxRiskLevel(ToolRiskLevel): hard ceiling on risk.
• Agent.CreateBuilder().WithPermissionPolicy(policy) wiring.
• Three profiles: safeChat, devAssistant, readOnlyOps.

🧠 Model

• qwen3.5:4b (tool-capable, current Qwen 3.5 dense).

🛠️ Getting Started

📋 Prerequisites

• .NET 8.0 or later

▶️ Running the Application

git clone https://github.com/LM-Kit/lm-kit-net-samples
cd lm-kit-net-samples/console_net/ai-agents/permissions/agent_permissions
dotnet run

Pick a mode from the menu.

📚 Related Content

• Secure Agent Tool Access with Permission Policies (how-to)
• Build a Security and Compliance Toolkit Agent (how-to)
• Tool-Calling Assistant Demo